Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
File:                     OPp_x3GCjPs5cigk9_3z7cSzxSk.mft (raw, json)
Hash identifier:          Xdt3gwzEIMvsqfgwGkM8P+WE+/Ktc+LedTZ8MVWkH34=
Subject key identifier:   BB:CD:4A:98:8A:2D:61:42:AF:98:5B:39:96:6B:3C:92:A5:1A:71:5B
Authority key identifier: 38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29
Certificate issuer:       /CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
Certificate serial:       0198D7A95FD1A0E9AC8E9EE02B4639900E6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
Manifest number:          40
Signing time:             Sat 23 Aug 2025 16:00:58 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:58 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:58 +0000
Files and hashes:         1: OPp_x3GCjPs5cigk9_3z7cSzxSk.crl (hash: ACzLpgSGcXo9rnc8+VMxPVbwUcQyKx048+DxVKk0NSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:5f:d1:a0:e9:ac:8e:9e:e0:2b:46:39:90:0e:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
        Validity
            Not Before: Aug 23 16:00:58 2025 GMT
            Not After : Aug 24 16:00:58 2025 GMT
        Subject: CN=bbcd4a988a2d6142af985b39966b3c92a51a715b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:16:e1:7c:53:04:9f:2f:ef:8b:a5:9a:69:4f:
                    39:da:1c:52:a4:b3:a6:c5:f9:1a:27:19:5e:4a:07:
                    46:68:3b:31:0a:6c:c5:bd:72:58:cb:83:54:7f:01:
                    00:37:5e:51:1e:13:d8:60:88:7a:54:7e:8a:e1:46:
                    ca:02:a0:34:87:7d:d6:d8:75:99:49:16:40:ce:cf:
                    75:c6:fd:27:17:d4:cb:51:a9:9f:7d:fe:af:63:91:
                    4d:91:cc:bb:d2:fd:20:52:eb:8a:66:f0:16:65:6b:
                    93:de:11:34:74:05:de:98:96:c3:17:68:5e:ea:df:
                    2d:b1:c9:a9:97:8d:1a:62:a7:e4:81:ee:81:60:6c:
                    ae:67:b9:49:b1:fd:e1:81:27:5e:46:1a:9b:cf:74:
                    c3:63:99:4d:aa:a6:08:06:eb:ef:50:45:b6:08:76:
                    79:24:49:b1:56:7a:ca:ea:fc:c2:52:7d:60:7e:40:
                    df:a0:85:a8:81:f8:1a:fb:60:e4:66:91:c3:b1:e3:
                    df:21:29:00:cc:cc:c3:9c:e5:c5:a8:6e:e2:98:3d:
                    8b:a9:09:93:1a:ed:23:75:29:bd:fd:53:06:4a:87:
                    29:46:8c:9d:bc:08:95:df:e8:b5:84:7e:bd:d9:6f:
                    a6:31:43:d5:12:52:b2:45:f6:59:74:b8:7d:e9:5d:
                    15:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:CD:4A:98:8A:2D:61:42:AF:98:5B:39:96:6B:3C:92:A5:1A:71:5B
            X509v3 Authority Key Identifier:
                keyid:38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:d2:d5:e8:86:44:00:8d:b8:9a:d0:a7:82:7f:c7:80:d3:38:
         85:33:52:0a:5b:4a:48:d9:da:af:f4:ad:44:7c:15:a7:35:60:
         9d:a0:21:88:2d:0a:da:fd:d2:ff:ad:34:ec:48:26:8c:d8:0d:
         a5:00:80:d9:eb:9d:40:81:30:04:d5:be:3f:4e:ad:c9:ca:b5:
         1a:18:d0:bf:f2:65:76:d7:62:1d:b1:cf:90:7d:90:8b:3a:39:
         68:28:c1:e6:33:24:2d:d8:2e:30:ae:ea:09:8b:34:28:80:fd:
         fa:d7:7f:f9:f0:04:c5:69:65:c6:28:79:b8:b7:2a:2b:23:1d:
         b1:ea:98:20:05:35:c0:53:45:38:94:23:58:b0:7b:33:0c:90:
         b5:0b:32:3e:37:26:e8:9f:2e:4e:66:2f:c8:cc:8f:b8:b8:96:
         92:53:0a:0c:02:db:2c:e9:19:c3:fc:63:df:51:44:d7:27:de:
         31:00:40:2c:33:f7:16:85:90:2e:e4:3c:81:15:4d:d2:64:dd:
         c0:45:f9:81:2c:7a:57:3a:ce:51:08:ec:49:0d:d4:34:8f:71:
         8c:70:b8:00:91:a4:a2:4c:74:bf:53:ad:fb:33:1e:74:07:70:
         75:3e:ad:d7:4d:ed:9e:fe:85:4e:99:35:06:a8:d7:7d:c2:50:
         9e:48:76:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqV/RoOmsjp7gK0Y5kA5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZmE3ZmM3NzE4MjhjZmIzOTcyMjgyNGY3ZmRmM2VkYzRi
M2M1MjkwHhcNMjUwODIzMTYwMDU4WhcNMjUwODI0MTYwMDU4WjAzMTEwLwYDVQQD
EyhiYmNkNGE5ODhhMmQ2MTQyYWY5ODViMzk5NjZiM2M5MmE1MWE3MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBbhfFMEny/vi6WaaU852hxSpLOm
xfkaJxleSgdGaDsxCmzFvXJYy4NUfwEAN15RHhPYYIh6VH6K4UbKAqA0h33W2HWZ
SRZAzs91xv0nF9TLUamfff6vY5FNkcy70v0gUuuKZvAWZWuT3hE0dAXemJbDF2he
6t8tscmpl40aYqfkge6BYGyuZ7lJsf3hgSdeRhqbz3TDY5lNqqYIBuvvUEW2CHZ5
JEmxVnrK6vzCUn1gfkDfoIWogfga+2DkZpHDsePfISkAzMzDnOXFqG7imD2LqQmT
Gu0jdSm9/VMGSocpRoydvAiV3+i1hH692W+mMUPVElKyRfZZdLh96V0VSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvNSpiKLWFCr5hbOZZrPJKlGnFbMB8GA1UdIwQY
MBaAFDj6f8dxgoz7OXIoJPf98+3Es8UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYt
MTI5Nzc4Mjc1NWZkLzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYtMTI5Nzc4Mjc1NWZk
LzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9LV6IZE
AI24mtCngn/HgNM4hTNSCltKSNnar/StRHwVpzVgnaAhiC0K2v3S/6007EgmjNgN
pQCA2eudQIEwBNW+P06tycq1GhjQv/JldtdiHbHPkH2Qizo5aCjB5jMkLdguMK7q
CYs0KID9+td/+fAExWllxih5uLcqKyMdseqYIAU1wFNFOJQjWLB7MwyQtQsyPjcm
6J8uTmYvyMyPuLiWklMKDALbLOkZw/xj31FE1yfeMQBALDP3FoWQLuQ8gRVN0mTd
wEX5gSx6VzrOUQjsSQ3UNI9xjHC4AJGkokx0v1Ot+zMedAdwdT6t103tnv6FTpk1
BqjXfcJQnkh22Q==
-----END CERTIFICATE-----